APT actors and cybercriminals both exploit proxy anonymization layers and VPN nodes to mask their malicious activities, while Pawn Storm, a well-known APT group, infiltrated a cybercriminal botnet of compromised Ubiquiti EdgeRouters in 2022 and used it for espionage. The…
Tag: EN
Cisco IP Phone Vulnerability Let Attackers Trigger DoS Attack
Cisco has disclosed multiple vulnerabilities in its IP Phone firmware that could severely impact users by allowing unauthenticated, remote attackers to perform denial of service (DoS) attacks, gain unauthorized access, and view sensitive information. These vulnerabilities affect several Cisco IP…
Google Announces Passkeys Adopted by Over 400 Million Accounts
Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion times over the past two years. “Passkeys are easy to use and phishing resistant, only relying on a fingerprint, face scan or…
Microsoft issues cyber threat alert to Google on Vulnerable Mobile Apps
Microsoft Security Analysis team recently alerted Google’s Android Security Research teams to a critical issue potentially affecting billions of Android app users. This vulnerability could lead to various cyber threats, including token thefts, code execution attacks, and other common security…
New “Goldoon” Botnet Hijacking D-Link Routers to Use for Other Attacks
Security researchers at FortiGuard Labs discovered a new botnet in April that exploits a weakness in D-Link devices. Dubbed “Goldoon,” this botnet has been observed exploiting a nearly decade-old security flaw, CVE-2015-2051, to gain unauthorized control over affected routers and…
Europol op shutters 12 scam call centers and cuffs 21 suspected fraudsters
Cops prevented crims from bilking victims out of more than €10m – but couldn’t stop crime against art A Europol-led operation dubbed “Pandora” has shut down a dozen phone scam centers, and arrested 21 suspects. The cops reckon the action…
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote code execution (RCE) on affected systems. Of the 10 security defects, four are rated critical in severity – CVE-2024-26304 (CVSS score: 9.8)…
Indonesia sneakily buys spyware, claims Amnesty International
A ‘murky’ web sees many purchases run through Singapore in a way that hides potential users Indonesia has acquired spyware and surveillance technologies through a “murky network” that extends into Israel, Greece, Singapore and Malaysia for equipment sourcing, according to…
Ransom recovery costs reach $2.73 million
Average ransom payment has increased 500% in the last year, according to Sophos. Organizations that paid the ransom reported an average payment of $2 million, up from $400,000 in 2023. However, ransoms are just one part of the cost. Excluding…
Most companies changed their cybersecurity strategy in the past year
Businesses worldwide have faced a rate of change in the threat environment evidenced by 95% of companies reporting cybersecurity strategy adjustments within just the past year, according to LogRhythm. Strategic shifts within organizations At the heart of these strategic shifts…
97% of security leaders have increased SaaS security budgets
58% of the organizations were affected by a SaaS security incident in the last 18 months, according to Valence Security’s 2024 State of SaaS Security Report. Likely, as a result, 96% security leaders have made SaaS security a top priority…
What is cybersecurity mesh architecture (CSMA)?
Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security architecture that is composable and scalable with easily extensible interfaces, a common data schema and…
New infosec products of the week: May 3, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Cybersixgill, Proofpoint, Secure Code Warrior, Snyk, and Synopsys. Cybersixgill Third-Party Intelligence module identifies potential supply chain risks The Third-Party Intelligence module combines vendor-specific cyber…
Mitigating breaches on Red Hat OpenShift with the CrowdStrike Falcon Operator
As Kubernetes becomes increasingly integral to production environments, cyber adversaries are likewise becoming more skilled in cloud-native exploitation. According to the CrowdStrike 2024 Global Threat Report, cases involving exploitation of cloud services increased by 110% in 2023, far outpacing non-cloud…
Simplify hybrid cloud operations with Red Hat Enterprise Linux 9.4
Architecting, deploying, and managing hybrid cloud environments can be a challenging and time-consuming process. It starts with processor selection, operating system configuration, application management, and workload protection, and it never ends. Every step requires a reliable, trusted software foundation with…
Beyond the lingo: What does Red Hat Insights and FedRAMP mean for your workload?
Here at Red Hat, we’ve spent over a decade building up the power of Red Hat Insights, making it one of the most valuable pieces of technology included in your Red Hat subscription. We’ve integrated with industry-leading technologies like IBM…
Chinese government website security is often worryingly bad, say Chinese researchers
Bad configurations, insecure versions of jQuery, and crummy cookies are some of myriad problems Exclusive Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according…
ISC Stormcast For Friday, May 3rd, 2024 https://isc.sans.edu/podcastdetail/8966, (Fri, May 3rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, May 3rd, 2024…
Biden Signed the TikTok Ban. What’s Next for TikTok Users?
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> Over the last month, lawmakers moved swiftly to pass legislation that would effectively ban TikTok in the United States, eventually including it in a foreign aid package…
Microsoft, Google do a victory lap around passkeys
Windows giant extends passwordless tech to everyone else Microsoft today said it will now let us common folk — not just commercial subscribers — sign into their Microsoft accounts and apps using passkeys with their face, fingerprint, or device PIN.… This…